Access Rule Configuration, 189 | NETGEAR XS712T-100NES guide

XS712T Smart Switch

IP 10.10.10.10 is configured with priority 1 to permit, and Source IP 10.10.10.10 is configured with priority 2 to Deny, then access is permitted if the profile is active, and the second rule is ignored.

4.Click Apply.

Access Rule Configuration

Use the Access Rule Configuration screen to add security access rules.

To configure access rules:

1.Select Security > Access > Access Control > Access Rule Configuration.

2.Specify the following settings:

•Rule Type. Select the action to be performed when the rules selected are matched. Use the drop-down box and select “Permit” or “Deny” access.

•Service Type. Select from the drop-down box. The policy is restricted by the management chosen from the drop-down menu. Possible methods include HTTP, Secure HTTP (SSL), and SNMP.

•Source IP Address. Enter Source IP Address of the client originating the management traffic. Fill in the “Source IP address” in the text box.

•Mask. Enter Source IP Address Mask of the client originating the management traffic. Fill in the “Mask” details in the text box provided.

•Priority. Assign a priority to the rule. The rules are validated against the incoming management request in the ascending order of their priorities. If a rule matches, action is performed and subsequent rules below are ignored. For example, if a Source IP 10.10.10.10 is configured with priority 1 to permit, and Source IP 10.10.10.10 is configured with priority 2 to Deny, then access is permitted if the profile is active, and the second rule is ignored.

3.Click Apply.

189

Image 189

NETGEAR XS712T-100NES manual Access Rule Configuration, 189

Contents

XS712T Smart Switch Technical Support XS712T Smart SwitchTrademarks Statement of Conditions Contents Configuring Routing Monitoring the System Appendix a Smart Control Center Utilities Getting Started Getting Started with the XS712T Smart Switch Connect the Switch to the Network Switch Management Interface  To install the switch in a network with a Dhcp server Discover a Switch in a Network with a Dhcp Server  To assign a static IP address Discover a Switch in a Network without a Dhcp Server XS712T Smart Switch Click the Local Area Connection link Configure the Network Settings on the Administrative System XS712T Smart Switch  To configure a static address on the switch Click Web Browser Access Access the Management Interface from a Web Browser Understand the User Interfaces Use the Web Interface To log on to the Web interface Smart Switch Web Interface Navigation Tabs, Configuration Menus, and Links Configuration and Status Options XS712T Smart Switch Link Submenu LinksCommand buttons Device view Device View Help Access Use SNMPv3 User-Defined FieldsDisallowed characters in user-defined fields XS712T Smart Switch Interface naming conventions Interface Naming Convention Online Help SupportUser Guide  To register the switch with Netgear Select Help Register RegistrationClick Register Management Configure System Information  To define a system name, location, and contact System Information Field Description System Information screen status fields IP Configuration XS712T Smart Switch  To configure the network information for an IPv6 network IPv6 Network Configuration IPv6 neighbor table fields IPv6 Network Neighbor Time XS712T Smart Switch IPv6 neighbor table fields  To manually configure the time Time Configuration XS712T Smart Switch Time Configuration status fields Sntp Server Configuration  To configure a new Sntp serverXS712T Smart Switch Time Configuration status fields  To change the settings for an existing Sntp server  To remove an Sntp serverSntp server status fields Summer Time Configuration  To configure the summer time settingsXS712T Smart Switch Sntp server status fields Denial of Service Configure Auto-DoS To enable the Auto-DoS feature  To configure individual DoS settings Configure Denial of Service XS712T Smart Switch Click Apply  To configure the global DNS settings Configure DNS  To remove an entry from the static DNS table Configure and View Hostname-to-IP Address Information To change the hostname or IP address in an entry Dynamically learned host name mapping information Green Ethernet Green Ethernet Interface Configuration Green Ethernet Detail  To configure Green Ethernet mode settings for a port Green Ethernet local device information Green Ethernet Summary XS712T Smart Switch Green Ethernet local device information Green Ethernet summary screen Green Ethernet power saving information  To configure the LPI settings View and Configure Green Ethernet LPI HistoryGreen Ethernet support information Green Ethernet interface information LPI history information  To add an Snmp community Configure the Snmp Community  To delete a community  To modify an existing community  To add an Snmp trap receiver Trap Configuration To modify information about an existing Snmp recipient  To delete an Snmp trap recipient  To configure the trap flags Trap FlagsSnmp Supported Mibs Lldp  To configure global Lldp settings Lldp Configuration  To configure Lldp port settings Lldp Port Settings LLDP-MED Network Policy LLDP-MED Port Settings  To configure LLDP-MED settings for a portXS712T Smart Switch LLDP-MED network policy information  To view local Lldp information Local Information Model and platform Are True enabled or False disabled  To view Lldp information received from a neighbor device Neighbors Information Field Field Description Port Details Field Description MED Details Services-DHCP Snooping  To configure Dhcp snooping global settings Global Configuration  To configure Dhcp snooping interface settings Interface Configuration XS712T Smart Switch Dhcp Snooping dynamic binding information Binding Configuration  To configure Dhcp snooping persistent settings Persistent Configuration Statistics  To view and clear the Dhcp snooping statisticsDhcp Snooping statistics XS712T Smart Switch Dhcp Snooping statistics Port Configuration  To configure port settingsPorts XS712T Smart Switch Flow Control Link Aggregation Groups LAG Configuration LAG Membership  To create a LAG Select Switching LAG Basic LAG Membership Lacp Configuration Lacp Port Configuration VLANs Basic Vlan Configuration  To delete a one or more VLANs To modify the Vlan name Vlan Membership Configuration Vlan Status Port Vlan ID Configuration XS712T Smart Switch MAC Based Vlan Protocol Based Vlan Group Configuration Protocol Based Vlan Group Membership  To modify protocol based Vlan information To delete a protocol based Vlan group Voice Vlan Configure Protocol-Based Auto VoIP Settings Auto-VoIP Configuration XS712T Smart Switch OUI Based Properties Port Settings OUI Table  To delete one or more OUI prefixes from the table Spanning Tree Protocol STP Configuration 100 101 CST Configuration 102 CST Port Configuration 103 104 CST Port Status 105 Rapid STP 106 MST Configuration MST Port Configuration  To delete an MST instance107 108 109 STP Statistics 110 Multicast Bridge Multicast Forwarding111 112 Mfdb Table 113 Mfdb Statistics Auto-Video Igmp Snooping114 115 Igmp Snooping Configuration 116 Igmp Snooping Interface Configuration 117 Igmp Snooping Table 118 Igmp Snooping Vlan Configuration Multicast Router Configuration  To disable Igmp snooping on one or more VLANs119 120 Multicast Router Vlan Configuration Igmp Snooping Querier Configuration Igmp Snooping Querier121 122 Igmp Snooping Querier Vlan Configuration 123 Igmp Snooping Querier Vlan Status MLD Snooping Igmp snooping querier Vlan status124 MLD Snooping Configuration MLD Interface Configuration125 126 127 MLD Vlan Configuration 128  To disable MLD snooping on a Vlan 129 Querier Configuration 130 Querier Vlan Configuration 131 Forwarding Database  To remove an MLD snooping querier configurationMAC Address Table 132 133 Dynamic Address Configuration 134 Address Table 135 Static MAC Address 136  To delete a static MAC address 137 Configure IP Settings IP Statistics  To display the IP statistics screen138 139 IP routing statistics 140 XS712T Smart Switch IP routing statistics 141 Configure Vlan Routing Vlan Routing Wizard142 143 144 Vlan Routing Configuration Configure Router Discovery Router Discovery Configuration145 146 Configure and View Routes  To delete one or more static routes Routing table information147 ARP Cache Configure ARP To display entries in the ARP table 148 ARP cache information Create a Static ARP EntryARP cache information for routing VLANs 149 150 Configure Global ARP Settings 151 All Dynamic Entries All Dynamic and Gateway Entries Remove an ARP Entry From the ARP CacheSpecific Static Entry 152 153 Class of Service 154 Basic CoS Configuration 155 CoS Interface Configuration 156 Interface Queue Configuration 157 158 802.1p to Queue Mapping 159 Dscp to Queue Mapping Differentiated Services Defining DiffServ160 Diffserv Configuration DiffServ MIB table information161  To configure the class match criteria Class Configuration To rename an existing class  To delete a class 163 164 165 IPv6 Class Configuration Policy Configuration  To delete a policy166 167 168 169 Service Configuration  To display the service statistics screen Service StatisticsService statistics  To remove a policy from an interface Management Security Settings Change Password171 172  To reset the password to the default value Radius Configuration Global Configuration173 174 Radius Server Configuration  To delete a configured Radius server Radius server statistics175 176 Accounting Server Configuration 177 Radius accounting server statistics Configuring TACACS+ TACACS+ Configuration178 179 TACACS+ Server Configuration Authentication List Configuration Http Authentication List180 181 Https Authentication List 182 Dot1x Authentication List Configure Management Access Http Configuration183 184 Secure Http Configuration 185 Certificate Management 186 Certificate Download 187 Access Control Access Profile Configuration188 189 Access Rule Configuration Port Authentication 802.1X Configuration190 191 Port Authentication 192 193 194 Port authentication status information XS712T Smart Switch Port authentication status information  To access the port Summary screenPort Summary 195 196 Ieee 802.1X port summary information XS712T Smart Switch Ieee 802.1X port summary information MAC Filter ConfigurationTraffic Control 197 198  To delete a configured MAC filter  To display the MAC filter summary screen MAC Filter SummaryMAC filter summary information 199 200 Storm Control 201 Port Security Configuration Port Security Interface Configuration Port security violation information202 203 Security MAC Address Dynamic MAC address table information204 Private Vlan Configuration Protected Ports Membership205 Private Vlan Association Configuration Private Vlan type table information206 Private Vlan Port Mode Configuration Private Vlan association table information207 208 Private Vlan Host Interface Configuration 209 Private Vlan host interface table information 210 Private Vlan Promiscuous Interface Configuration 211 Private Vlan promiscuous interface table information 212 Configuring Access Control Lists 213 ACL Wizard 214  To remove a rule  To add a MAC ACL Select Security Basic MAC ACL  To change the name of a MAC ACL215 MAC Rules  To delete a MAC ACL216  To change the match criteria for a rule  To delete a rule217 218 MAC Binding Configuration MAC Binding Table MAC binding table information219 220  To delete an IP ACL IP Rules  To add IP rules Select Security ACL Advanced IP Rules221  To modify the match criteria for an ACL rule IP Extended Rules To delete and IP ACL rule 222 223 224 225 IPv6 ACL  To add an IPv6 ACL Select Security ACL Advanced IPv6 ACL IPv6 Rules To delete an IPv6 ACL 226 227 228 229  To delete an IPv6 rule 230 IP Binding Configuration IP Binding Table IP binding table information231 Vlan Binding Table  To delete a Vlan binding232 233 Switch Statistics 234 Switch statistics 235 XS712T Smart Switch Switch statistics Port Statistics Port statistics236  To reset the counters for a specific interface  To reset the counters for all interfaces on the switchXS712T Smart Switch Port statistics 237 238 Port Detailed Statistics 239 Detailed interface statistics 240 XS712T Smart Switch Detailed interface statistics 241 242 243 244 EAP Statistics EAP statistics245 246 XS712T Smart Switch EAP statistics 247 Cable Test Logs Cable information248 249 Memory Log 250 Flash Log 251 252 Server Log  To add a remote syslog host log server  To modify the settings for an existing host To delete an existing host 253  To view trap log information Trap LogsTrap log statistics Trap log information  To view the event logs Event LogsEvent log information 255 256 Mirroring 257  To delete a mirrored port 258 Reset Device Reboot259 Factory Default Upload260 261 Tftp File Upload 262 Http File Upload Download Tftp File Download263 264 265 Http File Download File Management Copy266 267 Dual Image Configuration 268 Dual Image Status 269 Network Utilities 270 Configure the Device  To modify switch information271  To change the switch password Change the Switch PasswordClick Change Password 272 Upload and Download the Configuration Manage the Switch Configuration and FirmwareClick Upload Configuration 273 274 Click Download Configuration Upgrade the Firmware  To upgrade your firmware275 276 277 View and Manage Tasks 278 Troubleshooting Configuration Menu Ping279 280 281 Ping IPv6 282 TraceRoute Troubleshooting Chart Troubleshooting chart283 284 285 Virtual Local Area Networks VLANs 286 Sample Vlan Configuration 287 Access Control Lists ACLs Assign Queue Match Every. False CoS MAC ACL Example ConfigurationDestination MAC Mask Ffff Vlan ID Rule ID Action. Deny Sample Standard IP ACL ConfigurationMatch Every. False Source IP Address Rule ID 290 Differentiated Services DiffServ Class DiffServ Traffic Classes291 Create Policies Traffic Conditioning Policy292 Class Name. Class1 Class Type. All Sample DiffServ ConfigurationProtocol Type. UDP Source IP Address Destination IP Address Destination Mask 802.1X Assign Queue Policy Attribute. Simple Policy294 295 Sample 802.1X Configuration Secret Configured. Yes296 297 Mstp 298 Sample Mstp Configuration Switch 1 Switch 2 Switch 3299 MST ID MST ID Priority Vlan ID300 Vlan Routing with a Static Route Sample Vlan Routing ConfigurationVlan Routing Overview 301 302 XS712T Smart Switch Specifications Smart Switch specifications303 XS712T Switch Features and Defaults Switch features and defaults304 305 XS712T Smart Switch Switch features and defaults 306 Certificate of the Manufacturer/Importer Netgear Wired ProductsBestätigung des Herstellers/Importeurs FCC Caution Europe EU Declaration of Conformity Edoc in Languages of the European Community308 FCC Information to User FCC Requirements for Operation in the United StatesFCC Guidelines for Human Exposure FCC Declaration Of Conformity 310 FCC Radio Frequency Interference Warnings & Instructions